Security Engineer, Threat Response

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world's teams to work together effortlessly. Our security team protects Asana's employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations.

We are looking for a Security Engineer, Threat Response to join our Security blue team in New York City. You'll be a foundational member of the security presence in a key hub, partnering directly with IT, infrastructure, and product teams to ensure we have robust detection, response, and vulnerability management capabilities. You will be instrumental in scaling our security practices by building effective monitoring, automating repetitive security operations tasks, and championing a security-first mindset.

This role sits within the Security Threat Operations and Response Management (STORM) group, responsible for the security of Asana the company and the security of the product — ensuring we maintain customer trust and are able to grow sustainably. You will collaborate with teams across the company including Infrastructure, Customer Success, Legal, IT, and other key stakeholders to drive better incident response outcomes.

This role is based in our New York City or San Francisco office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.

What you’ll achieve

• Lead security incident detection, analysis, and response efforts, ensuring timely and effective remediation of security incidents.
• Actively participate in and lead the on-call rotation, setting the standard for security incident management across the team.
• Manage and mature our vulnerability management program, including scanning, assessment, prioritization, and tracking remediation efforts.
• Utilize and optimize security tools such as Panther for SIEM, CrowdStrike for endpoint detection and response, and other security platforms.
• Develop, implement, and maintain security playbooks and automation scripts to streamline security operations and reduce manual toil.
• Monitor security alerts and threat intelligence feeds, proactively identifying and addressing emerging threats.
• Conduct forensic analysis during security incidents to understand the scope and impact of incidents.
• Lead retrospectives to help raise engineering excellence and embed a continuous improvement culture across the team.
• Drive incident management and incident response best practices across the company, mentoring fellow engineers through pairing, process definition, and training exercises.
• Participate in and help lead tabletop exercises to ensure different stakeholders are thinking about and preparing for incidents across the company.
• Collaborate with engineering teams to integrate security best practices into development processes and provide guidance on secure configurations.
• Stay informed of industry trends, emerging threats, and best practices in security operations, detection, and response to ensure Asana's security posture remains robust.
• Collaborate with teammates and stakeholders to develop both short-term and long-term strategies for risk management.

About you

• 5+ years of experience in security operations, incident response, threat detection, or vulnerability management.
• Strong experience with SIEM platforms (e.g., Panther, Splunk, Elastic Security) for log analysis, alert correlation, and dashboard creation.
• Deep working knowledge of endpoint detection and response (EDR) tools (e.g., CrowdStrike, SentinelOne) and their capabilities.
• Proven experience in developing and implementing security automation using scripting languages (e.g., Python, PowerShell) or orchestration tools.
• Experience performing security incident investigations and forensic analysis.
• Familiarity with common attack techniques, tactics, and procedures (TTPs) and frameworks like MITRE ATT&CK.
• Hands-on technical expertise in at least two of the following areas: Cloud Security, Detection & Response, Digital Forensics, Network Security, Abuse, or Fraud.
• Experience working in environments composed primarily of SaaS and cloud resources.
• Track record of successfully leading incident response projects and mentoring engineers on security operations.
• Experience making technical trade-offs and articulating them clearly to stakeholders at different levels, both internal and external.

Communication & Mindset

• Excellent communication skills, able to explain complex technical concepts clearly to both technical and non-technical partners.
• Customer-obsessed mindset with a drive to deliver the best possible experience and outcomes for Asana's customers and users.
• A pragmatic and collaborative mindset, with a passion for building robust defences and enabling other engineers to do their best, most secure work.
• Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

Additional Experience We Value

• Hands-on experience with logging and monitoring tools such as Datadog, Splunk, and Panther.
• Hands-on experience with AWS, Google Workspace, and common SaaS applications.
• Experience with macOS endpoint security, including investigation workflows and EDR capabilities on Apple platforms.
• Experience with bug bounty programs.
• Experience with red team/blue team or purple team exercises.

Nice to have: Familiarity with FedRAMP requirements, particularly around incident reporting obligations, continuous monitoring, and evidence collection standards for FedRAMP-authorised environments.

What we'll offer

Our comprehensive compensation package plays a big part in how we recognize you for the impact you have on our path to achieving our mission. We believe that compensation should be reflective of the value you create relative to the market value of your role. To ensure pay is fair and not impacted by biases, we're committed to looking at market value, which is why we check ourselves and conduct a yearly pay equity audit.

For this role, the estimated base salary range is between $202,000 – $230,000. The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified.

In addition to base salary, your compensation package may include additional components such as equity, and benefits. If you're interviewing for this role, speak with your Talent Acquisition Partner to learn more about the total compensation and benefits for this role.

We strive to provide equitable and competitive benefits packages that support our employees worldwide and include:

• Mental health, wellness & fitness benefits
• Career coaching & support
• Inclusive family building benefits
• Long-term savings or retirement plans
• In-office culinary options to cater to your dietary preferences

These are just some of the benefits we offer, and benefits may vary based on role, country, and local regulations. If you're interviewing for this role, speak with your Talent Acquisition Partner to learn more about the total compensation and benefits for this role.